British Railway Passengers Attacked

Uploaded on 2024-09-27 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Wi-Fi networks at a number of train stations across the UK have been suspended after being hacked. British Transport Police are investigating after there was an attack on Wi-Fi networks at 19 stations across the country, which are run by Network Rail. 

Passengers logging onto the Wi-Fi saw a webpage containing details of Islamist terrorist incidents in the UK and abroad. So far, no personal data is known to have been affected. 

Now, a man has been arrested after passengers at many of the nation's busiest train stations were affected 

The police say the suspect is an employee of Global Reach Technology, which provides  Wi-Fi services to Network Rail. The man was arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988. 

  • Ten London Stations in were were affected: They are: Euston, Victoria, King’s Cross, London Bridge, Cannon Street, Charing Cross, Liverpool Street, Paddington, Clapham Junction and Waterloo.
  • Stations outside London affected include: Manchester Piccadilly, Birmingham New Street, Glasgow Central, Leeds City, Liverpool Lime Street, Bristol Temple Meads, Edinburgh Waverley, Reading, and Guildford.

This incident follows a recent attack on Transport for London which runs Bus, Underground, Overground and other public transport services in the capital. That exploit is understood to have potentially exposed the bank account details of about 5k train passengers, either via activity on their Oyster card account or refund data. This data includes account numbers and sort codes.

A 17-year-old male was arrested on September 5th on suspicion of Computer Misuse Act offences in relation to that attack. 

In coment, Kev Eley, Vice President UKI at Exabeam said “The cyberattack on Network Rail marks a major cybersecurity incident in the UK.. There are several layers to this incident that make it particularly concerning. Firstly, there is the sheer scale of the attack and the widespread disruption that comes with this... Beyond the disruption caused, the attack raises questions around the security of personal data used to access National Rail Wi-Fi services...

What makes this attack even more worrying is its potential to cause widespread panic due to the nature of the message displayed to passengers when they logged into the Wi-Fi.

Ultimately, this incident serves as an important reminder of the significant risk posed by third-party suppliers and why it is vital that this element of cybersecurity is not overlooked." Eley said

Standard   |   Independent   |   BBC   |   Guardian   |    Sky  |   Mail

Image: @networkrail

You Might Also Read: 

Attack On Transport For London Exposed Passenger Bank Details:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Will Hezbollah Launch Cyber Attacks On Israel?
The Key Issues For SME Cyber Security [extract] »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Uniken

Uniken

Uniken REL-ID is a safe, simple, and scalable security platform that tightly integrates your identity, authentication, and channel security.

2Secure

2Secure

2Secure is one of Sweden's largest private security companies. Service inlcude personal security, corporate security, information and cyber security.

Rogue Wave Software

Rogue Wave Software

At Rogue Wave, our mission is to simplify your hardest problems, improve software quality and security, and shorten the time it takes to deliver value.

Blockchain Slovakia

Blockchain Slovakia

Blockchain Slovakia is a non-profit organization that brings together researchers, developers, entrepreneurs, regulators, investors and the public to support blockchain technology in Slovakia.

Forensic Pathways

Forensic Pathways

Forensic Pathways focus on the provision of digital forensic technologies, offering clients unique technologies in the management of mobile phone data, image analysis and ballistics analysis.

Culinda

Culinda

Culinda secures medical IoT devices in hospitals with An Artificial Intelligence platform and security gateway.

oneM2M

oneM2M

oneM2M is a global organization creating a scalable and interoperable standard for communications of devices and services used in M2M applications and the Internet of Things.

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

C-MRiC collaborates on initiatives, ranging from national cyber security, enterprise security, information assurance, protection strategy, climate control to health and life sciences.

SparkLabs Cyber + Blockchain

SparkLabs Cyber + Blockchain

SparkLabs Cyber + Blockchain accelerator is located in Washington D.C. which is one of the world's top cybersecurity ecosystems.

Chainlink

Chainlink

Chainlink expands the capability of smart contracts by enabling access to real-world data and systems without sacrificing the security and reliability guarantees inherent to blockchain technology.

GitProtect.io

GitProtect.io

​GitProtect is a fully manageable, professional GitHub and Bitbucket backup and recovery software that protects repositories and metadata from any event of failure.

Valtix

Valtix

Valtix is the first and only multi-cloud network security platform delivered as a service that enables cloud teams to meet the most stringent security requirements in a cloud-first & simple way.

Siren

Siren

Siren provides the leading Investigative Intelligence Platform to some of the world’s leading Law Enforcement, National Security and Cyber threat investigators.

Omantel Innovation Labs

Omantel Innovation Labs

The Omantel Innovation Labs is a platform to enable startups and innovators to develop and commercialize solutions within selected technology verticals including cybersecurity.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.

Assura

Assura

Assura provides innovative cybersecurity advisory and managed services to all industries including government, healthcare, financial, manufacturing, and transportation sectors.